package org.jackysoft.security.handler;

import javax.annotation.Resource;

import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jackysoft.service.SecurityRoleService;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Component("expressionHandler")
public class CustomMethodSecurityExpressionHandler extends
		DefaultMethodSecurityExpressionHandler {
	Log LOGGER = LogFactory.getLog(CustomMethodSecurityExpressionHandler.class);

	@Resource
	SecurityRoleService acegiService;
	public CustomMethodSecurityExpressionHandler() {
		super();
	}

	@Override
	protected MethodSecurityExpressionOperations createSecurityExpressionRoot(
			Authentication authentication, MethodInvocation invocation) {
		CustomSecurityExpressionRoot root = new CustomSecurityExpressionRoot(
				authentication);
	    
		root.setAcegiService(acegiService);
		root.setPermissionEvaluator(getPermissionEvaluator());
		
		return root;
	}

}
